Update README.md

README.md

@@ -3,7 +3,7 @@
 
 A step by step approach on how to setup and run the openLDAP server on a classic systemd-less Docker image container, **optional steps are marked with __*__**
 
-### _Creating the ldapdock container_
+### _Creating the ldapdock image container_
 
 build ldapdock
 ```
@@ -17,92 +17,124 @@ REPOSITORY    TAG       IMAGE ID       CREATED       SIZE
 ldapdock      latest    0e4a1521b346   6 hours ago   138MB
 ```
 
-run into the container setting up the LDAP server and the hostname 
+run into the container to setup openLDAP
 ```
 > docker run -h example.com -i -t ldapdock /bin/bash
 ```
+### _Inside the ldapdock image container_
 
-### _Inside the ldapdock image_
+make sure to use the following command to start openLDAP
-
-start the openLDAP daemon server
 ```
-> service slapd start
+root@example:/# slapd -h "ldap:/// ldapi:///" -g openldap -u openldap -F /etc/ldap/slapd.d
- * Starting OpenLDAP slapd                        [ OK ]
 ```
 
-__*__ edit base configuration of openLDAP server 
+test connectivity to slapd
 ```
-> vim /etc/ldap/ldap.conf
+root@example:/# ldapsearch -x -H ldap://localhost -b "dc=example,dc=com" -s base "(objectclass=*)"
+# extended LDIF
+#
+# LDAPv3
+# base <dc=example,dc=com> with scope baseObject
+...
 ```
 
-__*__ check basic LDAP schemas are loaded
+make new test LDAP directories (LDAP OU) and create two attributes/branches with People and Group 
 ```
-# ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config dn
+root@example:/# vim base.ldif
-dn: cn=schema,cn=config
-
-dn: cn={0}core,cn=schema,cn=config
-
-dn: cn={1}cosine,cn=schema,cn=config
-
-dn: cn={2}nis,cn=schema,cn=config
-
-dn: cn={3}inetorgperson,cn=schema,cn=config
-```
-__*__ load basic LDAP schemas in case the base config didn't
-```
-# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/core.ldif
-SASL/EXTERNAL authentication started
-SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
-SASL SSF: 0
-adding new entry "cn=core,cn=schema,cn=config"
 ```
 
-create a **password** for openLDAP root user
 ```
-> slappasswd
+dn: ou=People,dc=example,dc=com
+objectClass: organizationalUnit
+ou: People
+
+dn: ou=Groups,dc=example,dc=com
+objectClass: organizationalUnit
+ou: Group
+```
+
+create the test directory in our LDAP server, the password in the dockerfile by default is _admin_
+```
+root@example:/# ldapadd -x -D cn=admin,dc=example,dc=com -W -f base.ldif
+Enter LDAP Password:
+adding new entry "ou=People,dc=example,dc=com"
+
+adding new entry "ou=Groups,dc=example,dc=com"
+```
+
+verify the entries in the LDAP server
+```
+root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=People' dn
+dn: ou=People,dc=example,dc=com
+root@example:/# ldapsearch -x -LLL -b dc=example,dc=com 'ou=Groups' dn
+dn: ou=Groups,dc=example,dc=com
+```
+now we have an **Organizational Unit (ou=People, ou=Group, etc.)** with users and groups within an LDAP directory structure correctly created
+
+### _Users administrative tasks_
+
+create a new LDAP directory called Supergirls (LDAP OU) with the following data
+```
+root@example:/# vim add_ou.ldif
+dn: ou=Supergirls,dc=example,dc=com
+objectClass: organizationalUnit
+ou: Supergirls
+```
+
+create it in our LDAP server, when asked for the root password, remember in the dockerfile by default is _admin_
+```
+root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_ou.ldif
+Enter LDAP Password:
+adding new entry "ou=Supergirls,dc=example,dc=com"
+```
+
+verify the entry in the LDAP server
+```
+root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(ou=Supergirls)" dn
+dn: ou=Supergirls,dc=example,dc=com
+
+root@example:/#
+```
+
+create a new LDAP password to manage our new directory, and annotate the result hashed password
+```
+root@example:/# slappasswd
 New password:
 Re-enter new password:
-{SSHA}hashpwd
+{SSHA}hashedpasswd
 ```
 
-__*__ checkout the root DN configuration, the oldRootDN that we will setup later 
+create a .ldif file with the necessary attributes to insert in our Supergirls directory
 ```
-> ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config "(olcRootDN=*)" olcRootDN
+root@example:/# vim add_user_supergirls.ldif
-dn: olcDatabase={0}config,cn=config
+dn: uid=marisa,ou=Supergirls,dc=example,dc=com
-olcRootDN: cn=admin,cn=config
+objectClass: inetOrgPerson
-
+objectClass: posixAccount
-dn: olcDatabase={1}mdb,cn=config
+cn: Marisa
-olcRootDN: cn=admin,dc=example,dc=com
+sn: Kirisame
+givenName: Marisa
+displayName: Marisa Kirisame
+uid: marisa
+uidNumber: 1001
+gidNumber: 5000
+homeDirectory: /home/marisa
+loginShell: /bin/bash
+userPassword: {SSHA}hashedpasswd
+mail: marisa@example.com
 ```
 
-### _Base administrative Tasks for openLDAP_
+insert the new user (marisa) in our Supergirls directory (LDAP OU), still using the root password _admin_
-
-create a file setting up our default root DN and our *hostname* **(change *dc=example,dc=com* as needed)**
 ```
-> vim change_root.ldif
+root@example:/# ldapadd -x -D "cn=admin,dc=example,dc=com" -W -f add_user_supergirls.ldif
-dn: olcDatabase={1}mdb,cn=config
+Enter LDAP Password:
-changetype: modify
+adding new entry "uid=marisa,ou=Supergirls,dc=example,dc=com"
-replace: olcRootDN
-olcRootDN: cn=admin,dc=example,dc=com
-```
-now save this changes in the main database
-```
-> ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f change_root.ldif
 ```
 
-create a file setting up our default rootPW **(change *{SSHA}hashpwd* with our previous *password*)**
+verify the user (marisa) has been added tp tje Supergirls OU
 ```
-> vim change_password.ldif
+root@example:/# ldapsearch -x -LLL -b "dc=example,dc=com" "(uid=marisa)" dn
-dn: olcDatabase={1}mdb,cn=config
+dn: uid=marisa,ou=Supergirls,dc=example,dc=com
-changetype: modify
-replace: olcRootPW
-olcRootPW: {SSHA}hashpwd
 ```
-now apply our new password for the main database
+
-```
-> ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f change_password.ldif
-modifying entry "olcDatabase={1}mdb,cn=config"
-```
-we are done with our openLDAP root configuration and can begin creating new LDAP directories (.ldif files)